Hi Anoob, > > >> > > >> Hi Anoob, > > >> > > >> What is the difference between "Inline crypto" in that document and > > >> this "Inline protocol"? Both seems providing same outpout. > > > > > > [Anoob] Yes. It is partly because the description of "inline crypto" is > > > not > > accurate. The feature, "inline crypto" is not ipsec aware but would do > > crypto > > operation in the ipsec. This summary points to the security documentation > > for further details and that doc clearly explains the difference between > > both > > modes. > > > > > >> Is there a way to differentiate them more clearly? > > > > > > [Anoob] There are two options I can think of, 1. Update the feature > > > list to describe the difference between the two. Have a line like, > > > "As compared to inline crypto, inline protocol will handle the entire > > protocol offload in addition to the crypto operation." > > > 2. Both inline crypto and inline protocol falls under security. So could > > > even > > rename "Inline crypto" to "Inline security offload" and we should be good to > > go. Also, under inline protocol, there are various protocols possible. Say, > > tomorrow when we add MACSEC support, the same question would arise (as > > in whether it's a new feature or would it be under "inline protocol").
Please re-phrase the description of inline crypto as well so that there is a clear Differentiation between the two modes. Referring to rte_security is not enough. It can be something like For Inline crypto: An operation defined in rte_security lib to perform only crypto Operations of the security protocol while the packet is received at NIC. NIC is not aware of the protocol operations. See Security library and PMD documentation for more details. For Inline protocol : An operation defined in rte_security lib to perform protocol processing for the security protocol (e.g. IPSEC, MACSEC) while the packet is received at the NIC. The NIC is capable to understand the security protocol operations. See Security library and PMD documentation for more details. > > > > Hi Anoob, > > > > These seems security related and I don't know enough to comment if this is > > correct thing to do. I have cc'ed a few more people for comment. > > > > @Akhil, would you mind if I assign this to you? > > > > Thanks, > > ferruh > > > > > > > >> > > >>> > > >>> Thanks, > > >>> Anoob > > >>> > > >>>> -----Original Message----- > > >>>> From: dev <dev-boun...@dpdk.org> On Behalf Of Anoob Joseph > > >>>> Sent: Tuesday, December 10, 2019 12:23 PM > > >>>> To: John McNamara <john.mcnam...@intel.com>; Marko Kovacevic > > >>>> <marko.kovace...@intel.com>; Ferruh Yigit <ferruh.yi...@intel.com> > > >>>> Cc: Anoob Joseph <ano...@marvell.com>; Jerin Jacob Kollanukkaran > > >>>> <jer...@marvell.com>; Narayana Prasad Raju Athreya > > >>>> <pathr...@marvell.com>; dev@dpdk.org > > >>>> Subject: [dpdk-dev] [PATCH] doc: add inline protocol in feature > > >>>> list > > >>>> > > >>>> Update feature list to include inline protocol offload. > > >>>> > > >>>> Signed-off-by: Anoob Joseph <ano...@marvell.com> > > >>>> --- > > >>>> doc/guides/nics/features.rst | 18 ++++++++++++++++++ > > >>>> doc/guides/nics/features/default.ini | 1 + > > >>>> 2 files changed, 19 insertions(+) > > >>>> > > >>>> diff --git a/doc/guides/nics/features.rst > > >>>> b/doc/guides/nics/features.rst index > > >>>> 8394a65..f4eb2a9 100644 > > >>>> --- a/doc/guides/nics/features.rst > > >>>> +++ b/doc/guides/nics/features.rst > > >>>> @@ -433,6 +433,24 @@ Supports inline crypto processing (e.g. inline > > >>>> IPsec). See Security library and > > >>>> ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``, > > >>>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``. > > >>>> > > >>>> > > >>>> +.. _nic_features_inline_protocol_doc: > > >>>> + > > >>>> +Inline protocol > > >>>> +--------------- > > >>>> + > > >>>> +Supports inline protocol processing (e.g. inline IPsec). See > > >>>> +Security library and > > >>>> PMD documentation for more details. > > >>>> + > > >>>> +* **[uses] rte_eth_rxconf,rte_eth_rxmode**: > > >>>> ``offloads:DEV_RX_OFFLOAD_SECURITY``, > > >>>> +* **[uses] rte_eth_txconf,rte_eth_txmode**: > > >>>> ``offloads:DEV_TX_OFFLOAD_SECURITY``. > > >>>> +* **[implements] rte_security_ops**: ``session_create``, > > >>>> +``session_update``, > > >>>> + ``session_stats_get``, ``session_destroy``, > > >>>> +``set_pkt_metadata``, ``get_userdata``, > > >>>> + ``capabilities_get``. > > >>>> +* **[provides] rte_eth_dev_info**: > > >>>> > > >> > > +``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``, > > >>>> + > > >> > > ``tx_offload_capa,tx_queue_offload_capa:DEV_TX_OFFLOAD_SECURITY``. > > >>>> +* **[provides] mbuf**: ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD``, > > >>>> + ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``, > > >>>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``. > > >>>> + > > >>>> + > > >>>> .. _nic_features_crc_offload: > > >>>> > > >>>> CRC offload > > >>>> diff --git a/doc/guides/nics/features/default.ini > > >>>> b/doc/guides/nics/features/default.ini > > >>>> index 91ec619..4d0ad32 100644 > > >>>> --- a/doc/guides/nics/features/default.ini > > >>>> +++ b/doc/guides/nics/features/default.ini > > >>>> @@ -42,6 +42,7 @@ Flow API = > > >>>> Rate limitation = > > >>>> Traffic mirroring = > > >>>> Inline crypto = > > >>>> +Inline protocol = > > >>>> CRC offload = > > >>>> VLAN offload = > > >>>> QinQ offload = > > >>>> -- > > >>>> 2.7.4 > > >>> > > >
